Common security vulnerabilities(Part 2)

16/02/2021 11 min Season 2 Episode 11

Episode Synopsis

0:22 - Welcome!
0:33 - Short recap from last week
0:56 - Please share your feedback about the podcast in this Google form
1:10 - SQL injection
  - Injecting malicious SQL statements into the database through the user input
2:23 - How to prevent
  - Treat user input as untrusted: filter and validate
2:43 - Security misconfiguration
  - Happens when a part of your web application is defenseless against attack
  - Using default credentials
  - Allowing users to have access to information about the application through the stack trace
4:18 - How to prevent
  - Don't overshare information
  - Have a minimal footprint for the different components of your application
  - Don't keep default accounts, files, or directories
5:14 - Broken authentication
  - Happens when an attacker masquerades as a user through different means
  - Credential stuffing: using known breached accounts
  - Automated attacks: using random credentials
  - Default (lazy) credentials
  - Stolen session IDs
8:46 - How to prevent
  - The web server could be used to create unique session IDs different from the ones created by the browser
  - Add a limit to failed logins
  - Multi-factor authentication
  - Password complexity

Social media: Rewire with Susan on Instagram; Susan's Twitter and Facebook. Feel free to share your thoughts and feedback.